[Secure-testing-commits] r24535 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Dec 3 08:51:39 UTC 2013 

Author: carnil
Date: 2013-12-03 08:51:39 +0000 (Tue, 03 Dec 2013)
New Revision: 24535

Modified:
   data/CVE/list
Log:
Run a manual update for CVE list

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-12-03 07:01:40 UTC (rev 24534)
+++ data/CVE/list	2013-12-03 08:51:39 UTC (rev 24535)
@@ -1,4 +1,44 @@
-CVE-2013-6918
+CVE-2013-6920
+	RESERVED
+CVE-2013-6919
+	RESERVED
+CVE-2013-6917
+	RESERVED
+CVE-2013-6916
+	RESERVED
+CVE-2013-6915
+	RESERVED
+CVE-2013-6914
+	RESERVED
+CVE-2013-6913
+	RESERVED
+CVE-2013-6912
+	RESERVED
+CVE-2013-6911
+	RESERVED
+CVE-2013-6910
+	RESERVED
+CVE-2013-6909
+	RESERVED
+CVE-2013-6908
+	RESERVED
+CVE-2013-6907
+	RESERVED
+CVE-2013-6906
+	RESERVED
+CVE-2013-6905
+	RESERVED
+CVE-2013-6904
+	RESERVED
+CVE-2013-6903
+	RESERVED
+CVE-2013-6902
+	RESERVED
+CVE-2013-6901
+	RESERVED
+CVE-2013-6900
+	RESERVED
+CVE-2013-6918 (The web interface on the Satechi travel router 1.5, when Wi-Fi is used ...)
 	NOT-FOR-US: Satechi travel router
 CVE-2013-6899
 	RESERVED
@@ -246,8 +286,8 @@
 	NOT-FOR-US: Olat
 CVE-2013-6792
 	RESERVED
-CVE-2013-6791
-	RESERVED
+CVE-2013-6791 (Microsoft Enhanced Mitigation Experience Toolkit (EMET) before 4.0 ...)
+	TODO: check
 CVE-2013-6790
 	RESERVED
 CVE-2013-6789 (security/MemberLoginForm.php in SilverStripe 3.0.3 supports ...)
@@ -391,8 +431,8 @@
 	RESERVED
 CVE-2013-6719
 	RESERVED
-CVE-2013-6718
-	RESERVED
+CVE-2013-6718 (The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and ...)
+	TODO: check
 CVE-2013-6717
 	RESERVED
 CVE-2013-6716
@@ -436,10 +476,10 @@
 	NOT-FOR-US: Cisco
 CVE-2013-6697
 	RESERVED
-CVE-2013-6696
-	RESERVED
-CVE-2013-6695
-	RESERVED
+CVE-2013-6696 (Cisco Adaptive Security Appliance (ASA) Software does not properly ...)
+	TODO: check
+CVE-2013-6695 (The RBAC implementation in Cisco Secure Access Control System (ACS) ...)
+	TODO: check
 CVE-2013-6694 (The IPSec implementation in Cisco IOS allows remote attackers to cause ...)
 	NOT-FOR-US: Cisco
 CVE-2013-6693 (The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 ...)
@@ -1141,8 +1181,7 @@
 	- percona-xtrabackup <unfixed> (bug #730544)
 CVE-2013-6393
 	RESERVED
-CVE-2013-6392 [information disclosure]
-	RESERVED
+CVE-2013-6392 (The genlock_dev_ioctl function in genlock.c in the Genlock driver for ...)
 	- linux-2.6 <not-affected> (Android-specific)
 	- linux <not-affected> (Android-specific)
 	NOTE: https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625&h=jb_3.2.3
@@ -1372,8 +1411,8 @@
 	RESERVED
 CVE-2013-6308
 	RESERVED
-CVE-2013-6307
-	RESERVED
+CVE-2013-6307 (Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM ...)
+	TODO: check
 CVE-2013-6306
 	RESERVED
 CVE-2013-6305
@@ -1913,10 +1952,12 @@
 	RESERVED
 CVE-2013-6054
 	RESERVED
+	{DSA-2808-1}
 CVE-2013-6053
 	RESERVED
 CVE-2013-6052
 	RESERVED
+	{DSA-2808-1}
 CVE-2013-6051 [bgpd crash on valid BGP updates]
 	RESERVED
 	{DSA-2803-1}
@@ -1942,6 +1983,7 @@
 	RESERVED
 CVE-2013-6045
 	RESERVED
+	{DSA-2808-1}
 CVE-2013-6044 (The is_safe_url function in utils/http.py in Django 1.4.x before ...)
 	{DSA-2740-1}
 	- python-django 1.5.2-1
@@ -2928,11 +2970,10 @@
 	RESERVED
 CVE-2013-5637
 	RESERVED
-CVE-2013-5636
-	RESERVED
+CVE-2013-5636 (Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint ...)
 	NOT-FOR-US: Check Point Endpoint Security
-CVE-2013-5635
-	RESERVED
+CVE-2013-5635 (Media Encryption EPM Explorer in Check Point Endpoint Security through ...)
+	TODO: check
 CVE-2013-5633
 	REJECTED
 CVE-2013-5632
@@ -3378,8 +3419,8 @@
 	RESERVED
 CVE-2013-5464
 	RESERVED
-CVE-2013-5463
-	RESERVED
+CVE-2013-5463 (The WinCollect agent in IBM Security QRadar SIEM before 7.1.1.569824 ...)
+	TODO: check
 CVE-2013-5462
 	RESERVED
 CVE-2013-5461
@@ -3408,8 +3449,8 @@
 	NOT-FOR-US: IBM
 CVE-2013-5449
 	RESERVED
-CVE-2013-5448
-	RESERVED
+CVE-2013-5448 (Cross-site scripting (XSS) vulnerability in the Right Click Plugin ...)
+	TODO: check
 CVE-2013-5447
 	RESERVED
 CVE-2013-5446 (The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 ...)
@@ -5448,7 +5489,7 @@
 CVE-2013-4544
 	RESERVED
 CVE-2013-4543
-	RESERVED
+	REJECTED
 CVE-2013-4542
 	RESERVED
 CVE-2013-4541
@@ -5478,7 +5519,7 @@
 CVE-2013-4529
 	RESERVED
 CVE-2013-4528
-	RESERVED
+	REJECTED
 CVE-2013-4527
 	RESERVED
 CVE-2013-4526
@@ -5854,7 +5895,7 @@
 CVE-2013-4418
 	RESERVED
 CVE-2013-4417
-	RESERVED
+	REJECTED
 CVE-2013-4416 (The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, ...)
 	- xen <not-affected> (ocaml version of the xenstore daemon not used in Debian)
 CVE-2013-4415
@@ -7832,11 +7873,9 @@
 	RESERVED
 CVE-2013-3709
 	RESERVED
-CVE-2013-3708
-	RESERVED
+CVE-2013-3708 (The id1.GetPrinterURLList function in Novell iPrint Client before 5.93 ...)
 	NOT-FOR-US: Novell iPrint Client
-CVE-2013-3707
-	RESERVED
+CVE-2013-3707 (The HTTPSTK service in the novell-nrm package before ...)
 	NOT-FOR-US: Novell Open Enterprise Server 2
 CVE-2013-3706
 	RESERVED
@@ -8221,7 +8260,7 @@
 	- otrs2 3.2.7-1
 	[squeeze] - otrs2 <not-affected>
 CVE-2013-3550
-	RESERVED
+	REJECTED
 CVE-2013-3549
 	RESERVED
 CVE-2013-3548
@@ -9962,8 +10001,8 @@
 	RESERVED
 CVE-2013-2819
 	RESERVED
-CVE-2013-2818
-	RESERVED
+CVE-2013-2818 (The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 ...)
+	TODO: check
 CVE-2013-2817
 	RESERVED
 CVE-2013-2816
@@ -10704,8 +10743,8 @@
 	RESERVED
 CVE-2013-2506 (app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x before ...)
 	NOT-FOR-US: Spree 
-CVE-2012-6535
-	RESERVED
+CVE-2012-6535 (DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, ...)
+	TODO: check
 CVE-2013-2505
 	RESERVED
 CVE-2013-2504
@@ -14223,6 +14262,7 @@
 	RESERVED
 CVE-2013-1447
 	RESERVED
+	{DSA-2808-1}
 CVE-2013-1446
 	RESERVED
 CVE-2013-1445 (The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not ...)
@@ -33882,8 +33922,7 @@
 	RESERVED
 CVE-2012-0435 (SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify ...)
 	NOT-FOR-US: YAST
-CVE-2012-0434
-	RESERVED
+CVE-2012-0434 (The server in Crowbar, as used in SUSE Cloud 1.0, uses weak ...)
 	NOT-FOR-US: Crowbar
 CVE-2012-0433
 	RESERVED
@@ -33897,13 +33936,12 @@
 	NOT-FOR-US: NetIQ eDirectory
 CVE-2012-0428 (Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x ...)
 	NOT-FOR-US: NetIQ eDirectory
-CVE-2012-0427
-	RESERVED
-CVE-2012-0426
-	RESERVED
+CVE-2012-0427 (yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 before ...)
+	TODO: check
+CVE-2012-0426 (Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 in ...)
 	NOT-FOR-US: SUSE Linux Enterprise for SAP Applications
-CVE-2012-0425
-	RESERVED
+CVE-2012-0425 (LanItems.ycp in save_y2logs in yast2-network before 2.24.4 in SUSE ...)
+	TODO: check
 CVE-2012-0424
 	RESERVED
 CVE-2012-0423
@@ -33912,8 +33950,7 @@
 	RESERVED
 CVE-2012-0421 (The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager ...)
 	NOT-FOR-US: SUSE Audit Log Keeper daemon 
-CVE-2012-0420
-	RESERVED
+CVE-2012-0420 (zypp-refresh-wrapper in SUSE Zypper before 1.3.20 and 1.6.x before ...)
 	NOT-FOR-US: SUSE Zypper
 CVE-2012-0419 (Directory traversal vulnerability in the agent HTTP interfaces in ...)
 	NOT-FOR-US: Novell GroupWise
@@ -33925,8 +33962,8 @@
 	RESERVED
 CVE-2012-0415
 	RESERVED
-CVE-2012-0414
-	RESERVED
+CVE-2012-0414 (Cross-site scripting (XSS) vulnerability in the Spacewalk service in ...)
+	TODO: check
 CVE-2012-0413
 	RESERVED
 CVE-2012-0412

More information about the Secure-testing-commits mailing list